CC-Sanitizer

A CLI tool to clean thinking blocks from Claude Code sessions, fixing cross-model compatibility issues.

When you switch between third-party models (GLM, DeepSeek, etc.) and official Anthropic models in Claude Code, the session can break with:

400 invalid_request_error: messages.X.content.0: Invalid signature in thinking block

This happens because third-party models produce thinking blocks without valid Anthropic signatures. cc-sanitizer strips these blocks from your session files so you can continue using official models.

No install needed. Scan all your Claude Code sessions for suspect thinking blocks:

npx cc-sanitizer scan

Found a broken session? Preview, then strip the suspect blocks:

npx cc-sanitizer strip <session>.jsonl --dry-run       # preview changes
npx cc-sanitizer strip <session>.jsonl --suspect-only  # remove blocks with no valid signature

Targets — scan, strip, and restore accept a file path, or a bare session id (<uuid> or <uuid>.jsonl) or a project name. Bare ids and names are resolved against ~/.claude/projects/, so you can copy a name straight from the output of cc-sanitizer scan and pass it back — no full path needed. Run any command with no argument to list projects (or, for scan, scan everything).

Scan session files for thinking blocks and report valid vs suspect signatures.

# Scan a single session
cc-sanitizer scan session.jsonl

# Scan all sessions in a project
cc-sanitizer scan ~/.claude/projects/my-project/ --project

# Scan all projects
cc-sanitizer scan

Remove thinking blocks from session files.

# Preview changes (dry-run)
cc-sanitizer strip session.jsonl --dry-run

# Strip with backup (default)
cc-sanitizer strip session.jsonl

# Only remove blocks without valid Anthropic signatures
cc-sanitizer strip session.jsonl --suspect-only

# Strip without backup
cc-sanitizer strip session.jsonl --no-backup

# Strip all sessions in a project
cc-sanitizer strip ~/.claude/projects/my-project/ --project

Options:

Restore session files from .bak backups created by strip.

# Restore a single session
cc-sanitizer restore session.jsonl

# Restore all backups in a project
cc-sanitizer restore ~/.claude/projects/my-project/ --project

Claude Code stores sessions as JSONL files in ~/.claude/projects/<encoded-cwd>/<uuid>.jsonl. Each line is a JSON event; assistant messages contain a content array with blocks like text, tool_use, thinking, and redacted_thinking.

cc-sanitizer parses each assistant message and removes thinking blocks. The remaining content (text, tool results, tool calls) is preserved, keeping the conversation history intact.

Anthropic thinking blocks carry a base64-encoded signature (~700-1000 chars). Third-party models either omit this or produce non-standard formats. The --suspect-only mode uses this heuristic to distinguish them:

• Valid: base64 string, 600-1200 chars
• Suspect: missing signature, short string, or non-base64 characters

• Cannot repair signatures — Anthropic signatures are generated server-side with private keys. This tool can only remove blocks, not create valid ones.
• Heuristic detection — --suspect-only uses signature length/format as a heuristic. If a third-party model produces a 600+ char base64 string, it may be missed.
• Empty events — If an assistant message contains only thinking blocks, stripping them removes the entire event from the session.

• anthropics/claude-code#21726 — Original bug report
• anthropics/claude-code#10154 — Gemini CLI issue

MIT